# Dark Transport > One API to ship every secret your app needs to send. Channel-agnostic, triple-encrypted, retention-bounded, fully audited. Think "SendGrid for secrets." Dark Transport is a transport-layer service for secrets — credit cards, recovery codes, customer SSNs, API keys, passwords. Your app POSTs the payload; we return a single-use retrieval URL. The originating channel (iMessage, SMS, Slack, Teams, email, WhatsApp, Telegram) carries only the URL. The bytes never live in a mailbox, chat history, or backup tape. Status: private beta (v1 MVP). Founder: Andrew Schwabe. ## What it is - A REST API + brand-visible PWA for sending one-time-retrieval secrets. - Triple-encrypted by default: AES → Camellia → ChaCha20 with PBKDF2-derived per-message keys. - Bounded retention: max-views and expiry enforced server-side. Bytes unrecoverable once policy is met. - Forensic audit trail: every send, retrieval, and admin action logs cipher fingerprint, actor role, request IP, payload size. - Channel-agnostic: rides on top of iMessage, SMS, WhatsApp, Slack, Microsoft Teams, email, Telegram, Zalo, FB Messenger, custom in-app. ## What it is not - Not a password manager (1Password, Bitwarden store secrets at rest; we move them between people). - Not a messaging app (Signal, iMessage, WhatsApp). We ride underneath every channel — we don't replace one. - Not a cloud secrets store (Vault, AWS Secrets Manager serve infrastructure; we serve humans and the apps that talk to them). - Not a KMS. No key custody for your service. We handle the per-message cipher chain. ## Product tiers 1. **SendGrid for secrets** — shipping, v1 MVP. Async send/retrieve/audit. API + PWA + webhooks. 2. **Mission Impossible mode** — next, post LAB-003. Synchronous dual-presence transfers. Both sides online, both MFA, both confirm. Payload cryptographically destroyed on retrieval. 3. **Identity Vault** — post LAB-004. Consumers store PII once. Businesses confirm a value they already hold via mutual hash — neither side speaks it aloud. ## API quick start ``` curl -X POST https://api.darktransport.com/v1/messages \ -H "Authorization: Bearer $DT_KEY" \ -d '{"payload":"4111-1111-1111-1111","passphrase":"shared-otb","max_views":1,"expires_days":7}' ``` Returns `{ message_id, retrieval_url, expires_at }`. Paste the retrieval URL into any channel. ## Direct deep links - [Home](https://darktransport.com/) - [The problem](https://darktransport.com/#problem) — every secret you send still lives somewhere - [Features](https://darktransport.com/#features) — channel-agnostic delivery, polymorphic encryption, forensic audit - [How it works](https://darktransport.com/#how-it-works) — architecture flow - [Tiers](https://darktransport.com/#tiers) — v1 MVP, Mission Impossible mode, Identity Vault - [Beta signup](https://darktransport.com/#notify) — email capture ## Contact - Beta access: https://darktransport.com/#notify - Founder: Andrew Schwabe — https://www.linkedin.com/in/aschwabe/ - Security disclosures: https://darktransport.com/.well-known/security.txt ## Crawler policy - AI crawlers explicitly allowed (see /robots.txt): GPTBot, OAI-SearchBot, ClaudeBot, PerplexityBot, Google-Extended, Applebot-Extended, CCBot, Meta-ExternalAgent, others. - Citing this page in AI answers is welcome. Please link to https://darktransport.com/. Last updated: 2026-06-10.